System and method for providing redirections

ABSTRACT

A redirection of a URL page request may be performed by monitoring an upstream path from a subscriber to the internet through an ISP. When a URL page request is detected from a subscriber for whom a redirection is required, a redirection device generates a single TCP packet response that mimics a response from the intended destination server. The single TCP packet includes a set FIN bit that closes any active session with the destination server to prevent the subscriber from accepting packets from the destination server.

FIELD OF THE INVENTION

This disclosure relates to providing bulletin services and notificationsto subscribers of an internet service provider (ISP).

BACKGROUND OF THE INVENTION

In the Assignee's earlier patent applications, U.S. Ser. No. 10/023,674and U.S. Ser. No. 10/623,893, the entire contents of which areexplicitly incorporated herein by reference, the present Assigneedescribed networks in which communications such as bulletin servicescould be provided from an ISP to a subscriber of the ISP. In thereferenced applications, a redirection device was placed in the path ofupstream traffic from the subscriber. The redirection device, operatingwith a consolidating and management device, processed upstream datapackets. If the upstream data packet contained a URL page request from asubscriber for whom a bulletin service was pending, the URL page requestwas redirected to the bulletin server. The bulletin server incorporatedthe bulletin notification into the URL page requested by the subscriber.

In particular examples provided in the applications referenced above,subscribers of an ISP attempting access to an internet service wereprovided with notification of potential internet service issues. Afurther application of providing communications to subscribers includesnotifying subscribers of potential virus infections and e-mail spammingsuch as disclosed in the Assignee's co-pending patent application U.S.Ser. No. 12/004,634, the entire contents of which are explicitlyincorporated herein by reference. A further application of providingcommunications to subscribers includes notifying subscribers ofpotential theft of Internet service on an unsecured subscriber account,as described in the Assignee's co-pending patent application U.S. Ser.No. 12/004,635, the entire contents of which are explicitly incorporatedherein by reference.

More recently, such as in the Assignee's co-pending patent applicationU.S. Ser. No. 12/340,863 the Assignee has suggested a modification tothe redirection process in which the upstream data packets are mirroredor tapped to the redirection device so that the redirection device doesnot interfere with the upstream traffic and receives only a copy ofrelevant upstream packets, such as the URL page requests.

While the mirror redirection process provides a more efficient ISPservice, problems can occur. Because the router mirrors or otherwisetaps the upstream packet stream without affecting the upstream packets,a URL “GET” request will arrive at the intended destination server aswell as causing a redirection to the alternative bulletin servicesserver. There is therefore a possibility that a response from the realdestination server will intermingle with the redirection responsecreating a conflict.

What is a required is a system and method that prevents conflictsbetween responses from alternative web servers.

SUMMARY OF THE INVENTION

In one aspect of the disclosure, there is provided a method forproviding a notification service to a subscriber of an Internet ServiceProvider (ISP). The method comprises monitoring upstream traffic throughthe ISP from the subscriber and detecting a URL page request from thesubscriber to a destination server. A redirection to the notificationservice is generated in response to detection of the URL page requestand provided to the subscriber. The redirection comprises a singlepacket closing an active session between the subscriber and thedestination server.

In one aspect of the disclosure, there is provided a method ofredirecting a web page request from a subscriber comprising generating asingle TCP packet comprising redirection data and a set FIN bit andproviding the TCP packet to the subscriber.

In one aspect of the disclosure, there is provided an Internet ServiceProvider comprising a router and a redirection device. The router copiesselected packets from a subscriber to the redirection device. Theredirection device determines from copied packets whether a redirectionis required, generates a redirection packet comprising redirection dataand a set FIN bit, and provides the redirection packet to thesubscriber.

BRIEF DESCRIPTION OF THE DRAWINGS

The invention will now be described, by way of example only, withreference to specific embodiments and to the accompanying drawings inwhich:

FIG. 1 schematically illustrates a network in accordance with anembodiment of the disclosure;

FIG. 2 represents a method for providing a notification service to asubscriber;

FIG. 3 represents a method for providing a single TCP packet redirectionto a subscriber; and

FIG. 4 illustrates an example of a single TCP packet redirection.

DETAILED DESCRIPTION OF THE INVENTION

The present embodiments utilize many of the features and functionalitiesof the networks described in the Assignee's earlier patent applicationsreferenced above, to which additional reference may be made. In FIG. 1,there is shown a system or network 10 in accordance with an embodimentof the disclosure. The network 10 includes an Internet Service Provider(ISP) 12 providing internet service between the internet 16 and aplurality of subscribers 14 via upstream 15 and downstream paths 28. Forthe sake of clarity, the subscriber device 14 is depicted as a personalcomputer, or PC. However, it will be readily understood by the personskilled in the art that the subscriber device 14 may be any internetenabled device such as a personal computer (PC), laptop, palm device,mobile telephone, gaming console and the like, and all such internetenabled devices are to be considered equivalent.

The ISP 12 includes a router or switch 22, a redirection device 21, aconsolidating and management device 26 and an address provisioningdatabase 23. The address provisioning database 23 stores associationsbetween subscribers of the ISP and IP addresses allocated to thesubscribers. The consolidating and management device 26 provides a queryengine for accessing data from the database 23 in response to requestsfrom the redirection device 21. The consolidating and management device26 is operatively associated with the redirection device 21 to form apacket processing system, as will be described in greater detail below.

The router 22 provides a “mirror port” or “tap” on the upstream path 15that detects selected upstream packets 27 and copies the selectedpackets to the redirection device 21 for further processing in additionto allowing the upstream packets 27 to pass to their intendeddestination. Downstream traffic from the internet 16, indicated by path28 is routed by the router 22 to the intended subscriber 14.

In the above referenced applications, certain upstream packets triggerredirections to alternative servers other than the intended destinationserver for providing a notification service. A method for providing anotification service in accordance with an embodiment of the disclosureis depicted in the flowchart 100 of FIG. 2. At step 101, the upstreamtraffic through the ISP is monitored and a URL page request is detectedat step 102. If appropriate, a redirection to the notification serviceis generated at step 103 and provided to the subscriber at step 104.Further details of providing the redirection response are describedbelow.

In one embodiment, the router 22 may detect upstream packets 27 thatcontain a web “GET” request to fetch a web page from a destinationserver 31. The router 22 copies, i.e. mirrors, these packets to theredirection device 21. The redirection device 21 processes the packet todetermine a subscriber identity and then executes a query on thedatabase 23 using the consolidation and management device 26 todetermine whether a bulletin service is pending for the subscriber. Ifno bulletin service is pending, then the redirection device 21 performsno function and the subscriber fetches the intended web page from thedestination server 31 in accordance with the GET request. If a bulletinservice is pending, the redirection device injects a redirectionresponse 40 into the downstream path 28 to the subscriber. Theredirection response 40 redirects the subscriber to an alternativebulletin server 32 that is identified in the redirection packet. Asdescribed in the above referenced patent applications, the bulletinserver 32 combines a bulletin service frame having a notificationmessage together with the content of the web page originally requestedby the subscriber. Other forms of providing the bulletin service havealso been described, including pop-up windows and the like.

The term redirection device is used herein in order to provideconsistency with the Applicant's earlier patent applications referencedabove. The person skilled in the art will understand from the foregoingdescription that in the context of the present disclosure, theredirection device may not perform a strict redirection function in allembodiments. The term redirection may encompass many forms ofredirection, including, but not limited to a redirection to analternative server, a redirection away from the intended destinationserver, a straight HTTP redirect or a replacement page containingmultiple HTTP, HTML, and/or scripting constructs (e.g., “<script src= .. . >”) that essentially redirect the resulting visual rendering on thesubscribers display.

In addition, a redirect may not be total, in that a GET request maycause a redirection as well as being transmitted through to the intendeddestination server. In addition, a redirection away from a destinationserver may still cause the intended page content to be retrieved fromthe destination server via a replacement page containing multiple“gets”.

Because the router 22 mirrors the GET request to the redirection device21, the original GET request may continue to the destination server 31triggering a response from the destination server 31 to the subscriber14. The destination server response may conflict with the redirectionresponse 40. Therefore, in an embodiment of the disclosure depicted inthe flowchart 200 of FIG. 3, a single TCP packet comprising redirectiondata and a set FIN bit is generated at step 201 and provided to thesubscriber at step 202.

The redirection response 40 is depicted in FIG. 4. The redirectionresponse 40 is generated as a single TCP packet that mimics a responsefrom the destination server 31, for example, by identifying thedestination server in the source port field 41 of the TCP header. Thesubscriber is identified in the destination field 42. The redirectionpacket 40 includes the data 44 that redirects the subscriber 14 to thebulletin server 32. Furthermore, in order to ensure that the subscriber14 accepts the redirection packet 40 and does not accept packets fromthe destination server 31, the redirection packet 40 is created with theFIN bit 43 of the TCP header set. The set FIN bit 43 closes the activesession with the destination server 31 and ensures that any packetsreturning from the destination server 31 will be rejected by thesubscriber 14.

While the ISP 12 is conceptually shown in FIG. 1 as a single entity, aperson skilled in the art will recognize that the components of the ISPmay be provided in a distributed manner with suitable communicationbetween components. For example, as described in the Assignee'sreferenced applications above, there can be a benefit if the routerand/or the redirection device are placed at an edge of the network thatrepresents the last scalable point in the operator's network, such as inthe neighborhood along with a cable access concentrator. Theconsolidation and management device 26 and database 23 may be locatedelsewhere, such as at a network operations centre of the ISP 12. Inaddition, though the bulletin server 32 is shown outside of the ISP 12,in some embodiments, the bulletin server 32 may be a component of theISP 12.

The process of generating and sending the single TCP packet response maybe embodied in software and/or in hardware. For example, computerexecutable instructions may be stored on a computer readable mediumthat, when executed, cause the processor to perform one or more of thesteps illustrated in the flowcharts of FIGS. 2 and 3. A processor may beoperatively associated with a memory and provided in at least one of theredirection device and the consolidation and management device forexecuting the above described method steps.

Though a single database 23 is illustrated and described herein forclarity, the person skilled in the art will readily understand that thedatabase 23 can be divided into a higher number of databases or may beconsolidated with other databases. For example, the databases 23 may beconsolidated with a database for storing an association between usersand a subscriber account, as described in the Assignee's U.S. patentapplication Ser. No. 12/004,635, filed Dec. 24, 2007, titled “SYSTEM,METHOD AND COMPUTER READABLE MEDIUM FOR DETERMINING USERS OF AN INTERNETSERVICE”, now U.S. Pat. No. 8,856,314, issued on Oct. 7, 2014, theentire contents of which are herein incorporated by reference.Alternatively or in addition, the database 23 may be consolidated with adatabase for storing an association between a subscriber and a sharedsecret as described in the Assignee's U.S. patent application Ser. No.12/004,645, filed Dec. 24, 2007, titled “SYSTEM, METHOD AND COMPUTERREADABLE MEDIUM FOR MESSAGE AUTHENTICATION TO SUBSCRIBERS OF AN INTERNETSERVICE PROVIDER”, now U.S. Pat. No. 8,161,284, issued on Apr. 17, 2012,the entire contents of which are herein incorporated by reference.

Although embodiments of the present invention have been illustrated inthe accompanying drawings and described in the foregoing description, itwill be understood that the invention is not limited to the embodimentsdisclosed, but is capable of numerous rearrangements, modifications, andsubstitutions without departing from the spirit of the invention as setforth and defined by the following claims. For example, the capabilitiesof the invention can be performed fully and/or partially by one or moreof the blocks, modules, processors or memories. Also, these capabilitiesmay be performed in the current manner or in a distributed manner andon, or via, any device able to provide and/or receive information.Further, although depicted in a particular manner, various modules orblocks may be repositioned without departing from the scope of thecurrent invention. Still further, although depicted in a particularmanner, a greater or lesser number of modules and connections can beutilized with the present invention in order to accomplish the presentinvention, to provide additional known features to the presentinvention, and/or to make the present invention more efficient. Also,the information sent between various modules can be sent between themodules via at least one of a data network, the Internet, an InternetProtocol network, a wireless source, and a wired source and viaplurality of protocols.

1. A method, comprising: detecting, by a routing device, selected packets of upstream traffic, wherein the selected packets contain a web request to fetch a web page from a destination server; detecting, by a redirection device, a URL page request from a subscriber to the destination server; determining, by the redirection device, a subscriber identity contained in the selected packets by executing a query to a database of subscriber identities to further determine whether a bulletin service is pending for the subscriber, wherein if no bulletin service is pending, fetching the intended web page from the destination server, in accordance with the web request, otherwise if a bulletin service is pending, proceeding, by the redirection device, to process the selected packets; generating, by the redirection device, a redirection as a single TCP packet that mimics a response from the destination server to a notification service in response to detection of the URL page request and identifying the subscriber in the destination field of the single TCP packet; and providing, by the redirection device, the redirection to the subscriber to close an active session between the subscriber and destination server; and enabling the subscriber to access the bulletin service, wherein the bulletin service comprises a bulletin service frame with a notification message which is combined with content of a web page originally requested via the URL page request.
 2. The method of claim 1, comprising monitoring, by a routing device, upstream traffic from the subscriber.
 3. The method of claim 1, wherein the web request is a “GET” request.
 4. The method of claim 1, wherein the redirection as a single TCP packet that mimics a response from the destination server to the notification service in response to detection of the URL page request occurs by identifying the destination server in a source port field of the single TCP packet.
 5. The method of claim 1, wherein the single TCP packet identifies a bulletin server as a redirection destination for the subscriber, wherein the bulletin server comprises an alternative web page server of the Internet Service Provider.
 6. The method of claim 1, comprising processing the URL page request to determine the subscriber identity and determining whether the notification is pending for the subscriber identity.
 7. The method of claim 1, wherein the redirection closes an active session between the subscriber and the destination server via the TCP packet which ensures any packets from the destination server will be rejected at the subscriber.
 8. The method of claim 7, wherein the redirection closes the active session between the subscriber and the destination server via a FIN bit included in the TCP packet.
 9. The method of claim 1, comprising allowing the URL page request to pass to the destination server.
 10. The method of claim 1, comprising processing the redirection.
 11. The method of claim 10, wherein processing the redirection comprises generating a bulletin service and providing the bulletin service to the subscriber.
 12. A method, comprising: receiving, by a routing device, a web page request, from a subscriber; determining, by the routing device, an identity of a web page server identified in the web page request; forwarding, by the routing device, the web page request to a redirection device; determining, by the redirection device, a subscriber identity contained in the web page request by executing a query to a database of subscriber identities to further determine whether a bulletin service is pending for the subscriber, wherein if no bulletin service is pending, the subscriber fetches the intended web page form the web page server, in accordance with the web page request, otherwise if a bulletin service is pending, the redirection device proceeds to process the web page request; generating, by the redirection device, a single TCP packet, wherein the single TCP packet identifies the subscriber in a destination field of the single TCP packet; and providing, by the redirection device, the single TCP packet to the subscriber, enabling the subscriber to access the bulletin service, wherein the bulletin service comprises a bulletin service frame with a notification message which is combined with content of a web page originally requested via the URL page request, wherein the single TCP packet closes an active session between the subscriber and the web page server.
 13. The method of claim 12, wherein the single TCP packet comprises redirection data and a set FIN bit.
 14. The method of claim 13, wherein the FIN bit terminates a session between the subscriber and the web page server which ensures any packets from the destination server will be rejected at the subscriber.
 15. A system, comprising: a router comprising a processor to process packets transmitted over the Internet; and a redirection device comprising a processor operatively associated with a memory and having access to at least one database; wherein the router: detects selected packets of upstream traffic, wherein the selected packets further comprise a web request to fetch a web page from a destination server, copies selected packets from the subscriber to the redirection device to determine a subscriber identity to determine whether a bulletin service is pending for the subscriber; and wherein the redirection device: detects a URL page request from the subscriber to the destination server: determines a subscriber identity contained in the selected packets via a query execution to the at least one database to further determine whether a bulletin service is pending for the subscriber, wherein if no bulletin service is pending, the subscriber fetches the intended web page form the destination server, in accordance with the web request, otherwise if a bulletin service is pending, processes the selected packets; and provides the redirection packet to the subscriber to close an active session between the subscriber and the destination which ensures any packets from the destination server will be rejected at the subscriber, and wherein the redirection packet comprises an identity of an alternative web page server, enables the subscriber to access the bulletin service, wherein the bulletin service comprises a bulletin service frame with a notification message which is combined with content of a web page originally requested via the URL page request.
 16. The system of claim 15, wherein the router monitors upstream traffic from a subscriber.
 17. The system of claim 15, wherein the web request is a “GET” request.
 18. The system of claim 15, wherein the redirection device generates the redirection packet, as a single TCP packet that mimics a response from the destination server to a notification service in response to a URL page request via an identification of the subscriber in the destination field of the single TCP packet.
 19. The system of claim 18, wherein the active session between the subscriber and the destination server occurs via a FIN bit included in the TCP packet, wherein the single TCP packet comprises redirection data and the FIN bit.
 20. The system of claim 15 wherein the router allows the selected packets to pass through the Internet Service Provider to the destination server. 